Phishing Scam
Phishing scam is a type of social engineering attack where fraudster usually masquerading as a trusted entity to deceive victim into clicking a malicious link in email and text message which will lead to the installation of malware in victim’s devices or revealing of victim’s sensitive information to fraudster.
How does it work?
Phishing emails and text messages usually appear to be coming from a trusted entity such as bank, Bank Negara Malaysia and claims that bank is now collecting personal banking information to update its database. Victim will be prompted to click on a malicious link in the email or text messages.
Once victim clicks on the malicious link, victim will be directed to a website that looks like a legitimate website (bogus website) requesting disclosure of personal information details such as internet/ mobile banking login ID, password and One Time Password and etc.
Fraudsters could access to the victims’ internet/ mobile banking account with the credentials that victims inputted into the bogus website.
How to avoid phishing scam?
Be wary of fraudulent emails and text claiming to be from reputable sources. Do not click on any links or open any attachments from unverified sender.
Always check the spelling of the content in the text or URLs link in the email before your click or enter sensitive information.
Never disclose password, PIN and token over the phone, email or SMS. Contact Bank of China immediately if you suspect your credential has been leaked.
Always refer to the contact number from Bank of China’s official website or the number at the back of your bank card.